various torsocks/ttdnsd errors and discrepancies
For the past two weeks I have been trying to integrate the ttdnsd/torsocks combo into my system, allowing for proper DNS resolution to take place over Tor - all this was prompted by my report on bug legacy/trac#7797 (moved). Unfortunately, I've hit a brick wall.
In a nutshell, I have found a few discrepancies/errors in both torsocks and ttdnsd and I also have a problem trying to force torsocks to talk to tor.
Since in the "Component" section on this report form there is no place to select ttdnsd, I am doing this report for torsocks, as well as ttdnsd.
- Torsocks config file environment variable: ttdnsd expects that to be defined in TSOCKS_CONF_FILE, while torsocks also has 2 different definitions of it: TORSOCKS_CONFFILE (torsocks.8) and TORSOCKS_CONF_FILE (the binary .so file). The latter, when specified, works.
Also, that environment variable is only honoured BEFORE chroot (so the full path to this file MUST be specified) - something not mentioned in either the torsocks or ttdnsd man pages.
- Even though I am using all 3 environment variables, pointing to the right torsocks.conf file, I still can't make it work. Here is my config:
torsocks.conf
    local = 127.0.0.0/255.0.0.0
    local = 10.0.0.0/255.0.0.0
    server = 127.0.0.1
    server_port = 19050
ttdnsd.conf
    8.8.8.8
torrc (relevant parts only are included)
    SocksPort 19050
    SocksListenAddress 127.0.0.1:19050
    DNSPort 53
    DNSListenAddress 127.0.0.3:53

    SocksPolicy accept 127.0.0.1:* # localhost
    SocksPolicy accept 127.0.0.2:* # localhost
    SocksPolicy accept 127.0.0.3:* # localhost
    SocksPolicy accept 10.0.0.0/8:*
    SocksPolicy reject :
My tor proxy service is running on 127.0.0.1:19050. TTDNSD is running on 127.0.0.2:53, while tor's own DNS is running on 127.0.0.3:53.
When not using TORSOCKS_DEBUG during ttdnsd start, after the initial setup I get the following message when a DNS request is sent to ttdnsd from the command line (using dig):
    07:37:32 libtorsocks(2507): Call to connect received on completed request 4
    07:37:32 libtorsocks(2507): sendto: Connection is a UDP or ICMP stream, may be a DNS request or other form of leak: rejecting.
When TORSOCKS_DEBUG=1 is used, I get this:
    libtorsocks: Got connection request
    libtorsocks: Intercepted call to getpeername
    libtorsocks: Intercepted call to poll
    libtorsocks: Intercepted call to poll
    libtorsocks: Got connection request
    libtorsocks: Call to connect received on completed request 4
    libtorsocks: Got sendto request
    libtorsocks: sendto: Connection is a UDP or ICMP stream, may be a DNS request or other form of leak: rejecting.
    libtorsocks: Got sendto request
    libtorsocks: sendto: Connection is a UDP or ICMP stream, may be a DNS request or other form of leak: rejecting.
    [...ad nauseam...]
When I increase the debug level (TORSOCKS_DEBUG=255) I get a different message, though the effect is the same:
    07:40:43 libtorsocks(2611): No requests waiting, calling real close
    07:40:43 libtorsocks(2611): No requests waiting, calling real close
    07:41:01 libtorsocks(2611): Got connection request
    07:41:01 libtorsocks(2611): sin_family: 2
    07:41:01 libtorsocks(2611): sockopt: 1
    07:41:01 libtorsocks(2611): checking if address: 8.8.8.8 is local
    07:41:01 libtorsocks(2611): localnet addr: 255.255.0.0
    07:41:01 libtorsocks(2611): localip addr: 192.168.0.0
    [...]
    07:41:01 libtorsocks(2611): address: 8.8.8.8 is not local
    07:41:01 libtorsocks(2611): Intercepted call to getpeername
    07:41:01 libtorsocks(2611): Call to getpeername for fd 4
    07:41:01 libtorsocks(2611): Got connection request for socket 4 to 8.8.8.8
    07:41:01 libtorsocks(2611): Picking appropriate server for 8.8.8.8
    07:41:01 libtorsocks(2611): Picked server 127.0.0.1 for connection
    07:41:01 libtorsocks(2611): checking if address: 127.0.0.1 is local
    [...]
    07:41:01 libtorsocks(2611): address: 127.0.0.0 is local
    07:41:01 libtorsocks(2611): Beginning handle loop for socket 4
    07:41:01 libtorsocks(2611): In request handle loop for socket 4, current state of request is 0
    07:41:01 libtorsocks(2611): Connecting to 127.0.0.1 port 19050
    07:41:01 libtorsocks(2611): Connect returned -1, errno is 115
    07:41:01 libtorsocks(2611): Error 2 attempting to connect to SOCKS server (No such file or directory)
    07:41:01 libtorsocks(2611): Handle loop completed for socket 4 in state 14, returning 2
    connect status: No such file or directory
    We've loaded 8.8.8.8 as a nameserver.
    1 nameservers loaded
    tsocks_conf: torsocks.conf
    log init...
    log file opened: ttdnsd.log
    log file opened as fd: 4
    duping fds...
    check ttdnsd.log from here on out...
    dup2 says: 1
    dup2 says: 2
    closing original fd: 4...
    starting server...

    watching 1 file descriptors
    1 file descriptors became ready
    received request of 37 bytes, id = 4927
    adding new request (id=4927)
    new request added at pos: 436
    using request slot 436
    updating id: 16147
    selecting peer
    peer selected: -1
    connecting to 8.8.8.8 on port 53
    watching 2 file descriptors
    1 file descriptors became ready
    peer 8.8.8.8 in bad state 0
    watching 2 file descriptors
    1 file descriptors became ready
    peer 8.8.8.8 in bad state 0
    watching 2 file descriptors
    [...ad nauseam...]
I have absolutely no idea what the above errors mean exactly!
The connection attempts were made from 127.0.0.1:XXXXX (dig) to 127.0.0.2:53 (ttdnsd) using UDP, and then I could see from /proc/net/nf_conntrack that a separate connection was indeed made (status is ASSURED) to the tor proxy (127.0.0.1:19050) from torsocks (127.0.0.2:XXXXX) using TCP.
Trac:
Username: mr-4